<?php
/*
nobo
zere.nobo@gmail.com
*/
class PublicAction extends Action {
	function _initialize(){
		if (isset($_POST["PHPSESSID"])) {
			session_id($_POST["PHPSESSID"]);
		}
		session_start();
    }
	// 检查用户是否登录
	protected function checkUser() {
		if(!isset($_SESSION[C('USER_AUTH_KEY')])) {
			$this->assign('jumpUrl','login');
			$this->error('没有登录');
		}
	}

	// 顶部页面
	public function top() {
		C('SHOW_RUN_TIME',false);			// 运行时间显示
		C('SHOW_PAGE_TRACE',false);
		$model	=	M("Group");
		$list	=	$model->where('status=1')->getField('id,title');
		$this->assign('nodeGroupList',$list);
		$this->display();
	}
	// 尾部页面
	public function footer() {
		C('SHOW_RUN_TIME',false);			// 运行时间显示
		C('SHOW_PAGE_TRACE',false);
		$this->display();
	}
	// 菜单页面 //未啟用
	public function menu() {
        $this->checkUser();
        if(isset($_SESSION[C('USER_AUTH_KEY')])) {
            //显示菜单项
            $menu  = array();
            if(isset($_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]])) {

                //如果已经缓存，直接读取缓存
                $menu   =   $_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]];
            }else {
                //读取数据库模块列表生成菜单项
                $node    =   M("Node");
				$id	=	$node->getField("id");
				$where['level']=2;
				$where['status']=1;
				$where['pid']=$id;
                $list	=	$node->where($where)->field('id,name,group_id,title')->order('sort asc')->select();
                $accessList = $_SESSION['_ACCESS_LIST'];
                foreach($list as $key=>$module) {
                     if(isset($accessList[strtoupper(APP_NAME)][strtoupper($module['name'])]) || $_SESSION['administrator']) {
                        //设置模块访问权限
                        $module['access'] =   1;
                        $menu[$key]  = $module;
                    }
                }
                //缓存菜单访问
                $_SESSION['menu'.$_SESSION[C('USER_AUTH_KEY')]]	=	$menu;
            }
            if(!empty($_GET['tag'])){
                $this->assign('menuTag',$_GET['tag']);
            }
			//dump($menu);
            $this->assign('menu',$menu);
		}
		C('SHOW_RUN_TIME',false);			// 运行时间显示
		C('SHOW_PAGE_TRACE',false);
		$this->display();
	}

    // 后台首页 查看系统信息//未啟用
    public function main() {
        $info = array(
            '操作系统'=>PHP_OS,
            '运行环境'=>$_SERVER["SERVER_SOFTWARE"],
            'PHP运行方式'=>php_sapi_name(),
            'ThinkPHP版本'=>THINK_VERSION.' [ <a href="http://thinkphp.cn" target="_blank">查看最新版本</a> ]',
            '上传附件限制'=>ini_get('upload_max_filesize'),
            '执行时间限制'=>ini_get('max_execution_time').'秒',
            '服务器时间'=>date("Y年n月j日 H:i:s"),
            '北京时间'=>gmdate("Y年n月j日 H:i:s",time()+8*3600),
            '服务器域名/IP'=>$_SERVER['SERVER_NAME'].' [ '.gethostbyname($_SERVER['SERVER_NAME']).' ]',
            '剩余空间'=>round((@disk_free_space(".")/(1024*1024)),2).'M',
            'register_globals'=>get_cfg_var("register_globals")=="1" ? "ON" : "OFF",
            'magic_quotes_gpc'=>(1===get_magic_quotes_gpc())?'YES':'NO',
            'magic_quotes_runtime'=>(1===get_magic_quotes_runtime())?'YES':'NO',
            );
        $this->assign('info',$info);
        $this->display();
    }

	// 用户登录页面
	public function login() {
		if(!isset($_SESSION[C('USER_AUTH_KEY')])) {
			$this->display();
		}else{
			$this->redirect('Index/index');
		}
	}

	public function index()
	{
		//如果通过认证跳转到首页
		redirect(__APP__);
	}

	// 用户登出
    public function logout()
    {
        if(isset($_SESSION[C('USER_AUTH_KEY')])) {
			unset($_SESSION[C('USER_AUTH_KEY')]);
			unset($_SESSION);
			session_destroy();
            $this->assign("jumpUrl",__URL__.'/login/');
            $this->success('登出成功！');
        }else {
            $this->error('已经登出！');
        }
    }
	public function password() {
		$this->checkUser();
		$this->display();
	}
	// 登录检测
	public function checkLogin() {
		if(empty($_POST['username'])) {
			$this->error('帐号错误！');
		}elseif (empty($_POST['password'])){
			$this->error('密码必须！');
		}elseif (empty($_POST['verify'])){
			$this->error('验证码必须！');
		}
       
		if($_SESSION['verify'] != md5($_POST['verify'])) {
			$this->error('验证码错误！');
		}
		$authInfo = $this->userlogin($_POST['username'],$_POST['password']);
		if(!$authInfo) {
			 $this->error('帐号不存在或密码错误！');
		}
		$_SESSION['userinfo']	=	$authInfo;
		$_SESSION['roleid'] = $_SESSION['userinfo']['roleid'];
        $_SESSION[C('USER_AUTH_KEY')]	=	$authInfo['userid'];
		$userid = $authInfo['userid'];
            //保存登录信息
			$User	=	M('admin');
			$ip		=	get_client_ip();
			$time	=	time();
            $data = array();
			$data['id']	=	$authInfo['id'];
			$data['lastlogintime']	=	$time;
			$data['logincount']	=	array('exp','logincount+1');
			$data['lastloginip']	=	$ip;
			$User->where("userid=".$userid)->save($data);
			$this->success('登录成功！');
	}
	protected function userlogin($username,$password) {
		$User = M('admin');
		$Role = M();
		$info = $User->where("username='$username'")->select();
		$info = $info[0];
		$password = md5($password.$info['encrypt']);
		if($password !== $info['password']) {
			return false;
		} else {
			$v = $Role->table(C('DB_RoleTable'))->where("status=1 and roleid=".$info['roleid'])->select();
			if($v) {
				return array_merge($info,$v[0]);
			} else {
				return false;
			}
		}
	}
    // 更换密码
    public function changePwd()
    {
		$this->checkUser();
		if(empty($_POST['oldpwd'])) {
			$this->error('旧密码不能为空！');
		}elseif (empty($_POST['password'])){
			$this->error('请输入新密码！');
		}elseif (strlen($_POST['password'])<=6){
			$this->error('密码长度不能低于6位！');
		}else {
			if($_POST['password'] !== $_POST['_password']) {
				$this->error('2次输入的密码不一致！');
			}
			
		}
		$User	 =	 M("User");
		$vo	=	$User->select($_SESSION[C('USER_AUTH_KEY')]);
		
		$data = array();
		$data['password'] = md5($_POST['oldpwd'].$vo[0]['encrypt']);
		
		/*if($data['password'] != $vo[0]['password']) {
			$this->error('旧密码输入不正确');
		}*/
		$data['password'] = md5($_POST['password'].$vo[0]['encrypt']);
		$data['userid'] = $_SESSION[C('USER_AUTH_KEY')];
		$n = $User->save($data);
		if(false === $n)
			
			$this->error('密码修改失败!');
		else 
			$this->success('密码修改成功!');
    }
public function profile() {
		$this->checkUser();
		$User	 =	 M("User");
		$vo	=	$User->getById($_SESSION[C('USER_AUTH_KEY')]);
		$this->assign('vo',$vo);
		$this->display();
	}
	 public function verify()
    {
		$type	 =	 isset($_GET['type'])?$_GET['type']:'gif';
        import("@.ORG.Util.Image");
        Image::buildImageVerify(4,1,$type);
    }
	public function seccode()
    {
		$this->verify();
    }
	public function checkverify() {
		if(empty($_GET['_URL_'][2])) {
			 $this->error('0');
		}
		if($_SESSION['verify'] != md5($_GET['_URL_'][2])) {
			$this->error('1');
		}
		$this->error('2');
	}
// 修改资料
	public function change() {
		$this->checkUser();
		$User	 =	 D("User");
		if(!$User->create()) {
			$this->error($User->getError());
		}
		$result	=	$User->save();
		if(false !== $result) {
			$this->success('资料修改成功！');
		}else{
			$this->error('资料修改失败!');
		}
	}
	public function _empty() {
		$this->display("Error:nofound");
	}
}
?>